Computer forensics is the scientific process of capturing (imaging) and analyzing information stored in any electronic format, for the purpose of investigating allegations, to find the truth, with no predisposition as to the outcome.
It encompasses a number of services:
- Disk Forensics: The process of acquiring and analyzing the data stored on physical storage media (computer hard drive, removable media, etc.). Disk forensics includes both the recovery of hidden and deleted data and also file identification.
- Network Forensics: The process of examining network traffic, including transaction logs and real-time monitoring, using sniffers and tracing.
- Internet Forensics: The process of piecing together where and when a user has been on the Internet or internal company network. This is used to determine whether inappropriate Internet content access and downloading was inadvertent or not. It is also used to determine if sensitive information was emailed inappropriately using a personal email account.
- Email Forensics: The study of source and content of electronic mail as evidence. It includes the process of identifying the actual sender, recipient, date, time and location and from where the email originated. Email has become a significant issue for individuals and organizations. Harassment, discrimination or unauthorized activity violating company policy can be identified via email forensics.
- Cloud Forensics: The process of acquiring and analyzing the data stored in cloud servers. CFS has conducted numerous cloud acquisitions and understands the legal and ethical considerations surrounding this form of preservation.
- Mobile Forensics: The process of acquiring and analyzing data stored on mobile devices including cell phones and tablets. With billions of cell phones being used across the world, it is no surprise that the use of cell phone data in criminal and civil court proceedings and corporate investigations has grown exponentially over the years. CFS conducts mobile device acquisitions, including encryption bypasses, and understands the legal and ethical considerations surrounding this form of preservation.
CFS is capable of responding to a security incident, event, or network-type intrusion. CFS conducts a scope assessment with the client, followed by a data acquisition plan involving a variety of potential sources/devices.
Once data is acquired, CFS begins its forensic analysis and investigation to obtain a comprehensive view of a suspected security breach and reconstruct event activity. CFS then utilizes the analysis data and forensic artifacts to identify any additional threats with the ultimate goal of assisting the client contain the threat(s) and begin a remediation process. CFS remains ready to provide clients with additional consultation on where gaps occurred in their security posture and work to help prevent future incidents or attacks.
CFS is capable of conducting complete security assessment services. The security assessment includes, but is not limited to; policy review, technical vulnerability scanning, network architecture review, social engineering simulations, and penetration testing.
Testing can be done with as little or as much knowledge as desired by the client. CFS will work with our clients on how you prefer results to be communicated with your organization.
Electronic discovery involves more than merely recovery of computer data. It involves proper evidence handling and preservation, sifting information through a thoughtful investigative process, and providing results in a form that can be used by a non-technical lead attorney or court.
Electronic discovery is accomplished most effectively when performed in conjunction with a case strategy and an experienced forensic consultant.
Law Enforcement Support
CFS is proud to provide services to the law enforcement community! As former law enforcement officers we understand the demands of forensic work in the public sector and regularly provide services or additional support when needed. CFS’ control and maintenance of electronic evidence comports with the highest standards in the field.
CFS serves as the digital forensic crime lab for numerous law enforcement agencies and County Attorney’s offices in Minnesota. All of our public and private sector client’s information enjoy the same protections which are required by complex criminal investigations, regulations, laws, and litigation practices.
CFS simultaneously manages hundreds of ongoing civil and criminal matters that require a tightly controlled and documented chain of custody. All of CFS’ procedures are designed to ensure legal admissibility.
Furthermore, CFS conducts the annual in-service training for a number of Federal Circuits, including the 8th Circuit (District of Minnesota), and state judicial conferences, focusing on electronic evidence chain-of-custody best practices.
In addition to performing electronic discovery and forensic analysis, Computer Forensic Services (CFS) also provides extensive litigation support services. Recovering information and finding the key evidence is only the beginning.
The matter must be prepared, depositions conducted, and expert witness testimony provided.
CFS regularly presents on various cybersecurity or forensic and evidence handling topics across the country for a wide variety of public and private sector organizations and groups, as well as educational institutions.
In addition, Mark Lanterman has provided training in digital forensics for the United States Supreme Court, and has keynoted the Federal Bar Association Convention, the 11th Circuit Federal Judicial Conference, the 8th Circuit Federal Judicial Conference, the Department of Homeland Security Cybersecurity Conference, the Minnesota Government IT Symposium, and the Minnesota Criminal Justice Institute.
Mark provided the keynote address to the Georgetown Law School’s advanced E-discovery conference and was the keynote speaker at the Chief Justice’s Conference.
Mark is faculty at the Federal Judicial Center, the National Judicial College, and the University of Minnesota.
Mark is also a professor at the University of Saint Thomas Law School, teaching its Cybersecurity program. The Minnesota Supreme Court appointed Mark to the Lawyers Professional Responsibility Board, where he serves on its Rules & Opinion Committee.